When nodes are connected to an information communication network (e.g., the Internet or a home network) as terminals, and one node receives a service (or a part of the functions) from another node, the communication messages between the node on the service providing side and the node on the service receiving side are encrypted in order to prevent an unauthorized person from abusing the service.
Additionally, a common session key distributed to the node on the service providing side and the node on the service receiving side is used as the encryption key for encrypting the communication messages. In the process of distributing such a session key to each node, the session key must be delivered while being kept secret from any unauthorized person.
In order to fulfill the above requirement, an authentication system has been proposed that performs authentication in a common key (symmetric) encryption manner by use of a trusted third-party organization and then distributes the session key. For example, KryptoKnight is known as such an authentication method (e.g., Japanese patent publication No. 3078841).
According to such an authentication manner, the common session key is distributed to a node acting as the communication initiator and a node acting as the communication responder. Here, the authenticating means, acting as the third-party organization, creates a session key and generates, for each node, an encryption message including the session key by use of the encryption key of the corresponding node. Thereby, the session key can be distributed to each node in a secure manner. In other words, the session key created by the authenticating means is sent to each node as an encryption message designed so that it cannot be decrypted by anything but the secret key retained by the corresponding node. Therefore, the session key common to the nodes can be delivered to each node securely.
A push scenario and a pull scenario are known as authentication methods. In the push scenario, the node acting as the initiator receives from the authenticating means the encryption message including the session key common to the initiator and the responder, and decrypts that encryption message to obtain the session key. The initiator also receives the encryption message intended for the responder from the authenticating means and transfers the received encryption message to the responder. In the pull scenario, the initiator requests the authenticating means, through the responder, to distribute the session key. As a result, the responder receives the encryption message including the session key from the authenticating means and decrypts the encryption message intended for the responder. Further, the responder receives the encryption message intended for the initiator from the authenticating means and transfers the received encryption message to the initiator.
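The push and pull distribution just described, as an added Python simulation that is not taken from the patent or from KryptoKnight: the node names, the toy standard-library cipher and the per-node secret keys are constructed assumptions, and the relaying node additionally checks that the message it merely forwards cannot be opened with its own key.

```python
import hashlib
import hmac
import secrets

# Toy authenticated encryption from the standard library only (constructed for this example;
# a real deployment would use an AEAD such as AES-GCM). Keystream: SHA-256 in counter mode.
def _keystream(key, nonce, n):
    blocks = [hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def encrypt(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, "sha256").digest()  # ties the message to this one key
    return nonce + ct + tag

def decrypt(key, msg):
    nonce, ct, tag = msg[:16], msg[16:-32], msg[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, "sha256").digest(), tag):
        raise ValueError("wrong secret key or tampered encryption message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class AuthenticatingMeans:
    """Trusted third party holding exactly one secret key per node, i.e. one domain."""
    def __init__(self, node_secrets):
        self.node_secrets = dict(node_secrets)

    def distribute(self, initiator, responder):
        session_key = secrets.token_bytes(32)
        # One encryption message per node; each opens only with that node's own secret key.
        return {n: encrypt(self.node_secrets[n], session_key) for n in (initiator, responder)}

def run_scenario(auth, initiator, responder, node_secrets, scenario="push"):
    """push: the initiator contacts the authenticating means and relays the responder's message.
    pull: the initiator asks via the responder, which contacts it and relays the initiator's message.
    Returns (initiator_key, responder_key, relay_opened_other_message)."""
    relay, other = (initiator, responder) if scenario == "push" else (responder, initiator)
    msgs = auth.distribute(initiator, responder)          # the relaying node receives both messages
    relay_key = decrypt(node_secrets[relay], msgs[relay])
    try:                                                   # relay checks the message it only forwards
        decrypt(node_secrets[relay], msgs[other])
        leaked = True
    except ValueError:
        leaked = False
    other_key = decrypt(node_secrets[other], msgs[other])  # the other node opens the forwarded message
    keys = {relay: relay_key, other: other_key}
    return keys[initiator], keys[responder], leaked

NODE_SECRETS = {"A": secrets.token_bytes(32), "B": secrets.token_bytes(32)}  # constructed per-node keys
AUTH = AuthenticatingMeans(NODE_SECRETS)
```

`run_scenario(AUTH, "A", "B", NODE_SECRETS, "pull")` returns equal keys for both nodes and `False` for the leak check, showing that the relaying node gains nothing from the message it forwards.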
With regard to authentication in line with the common key encryption manner, the secret key shared between the authenticating means and a node is, in any case, recorded in the authenticating means, and one such secret key is recorded for each node. The authenticating means creates the encryption message containing the session key by use of the secret key of each node and sends it to the corresponding node. Therefore, the session key can be sent to each node individually. In brief, since the common session key is distributed to multiple nodes, secure communication between those nodes can be established by use of messages encrypted with the session key. However, only a single secret key is recorded in the authenticating means for each node. Thus, only one domain can be formed within the information communication network.
In order to provide a different service per domain of nodes, and to enable a node to change the service it receives, it is necessary to provide an authenticating means for each domain, and each node requires plural secret keys, one corresponding to each domain. In brief, in order to enable the service provided to a node to be changed, plural authenticating means must be provided. Further, the node needs to select the authenticating means in accordance with the desired service and request the selected authenticating means to perform authentication in order to obtain the session key.
In brief, the node needs to select the secret key in accordance with the desired service and access the authenticating means by use of the selected secret key in order to request authentication. Therefore, changing the service is very troublesome. In other words, the node needs to select both the secret key and the authenticating means in order to change the service provided to it. Thus, the user of the node suffers from the complicated process required for obtaining the session key by use of the node.